Tanium comments on Digital burglary at recruitment agency Morgan Hunt
July 2022 by Chris Vaughan, Area VP and Technical Account Manager EMEA at Tanium
This morning, it was confirmed that British recruitment agency Morgan Hunt suffered a digital burglary, with intruders making off with the personal data of some of the freelancers on its books. Morgan Hunt – which provides personnel services to clients in the charity education, finance, government, housing and technology sectors – confirmed the break-in in a letter to contractors.
The comment from Chris Vaughan, Area VP and Technical Account Manager EMEA at Tanium, had to say about the breach.
“The fact that this breach involves an unauthorised access to the company’s database, is a stark reminder of the need for organisations to have visibility of all organisations and systems connected to their network and to appropriately evaluate vendor risks.
Companies often place a huge amount of trust in third party vendors – usually down to reputation if they haven’t been breached before, or if they claim to invest heavily in cybersecurity.
However, IT teams need to be more thorough than this. They should ask themselves questions such as: do I really know how well our suppliers manage their operations; including areas like credential management and patching? How can we tell how much technical debt they are carrying? Is the vendor that was breached three years ago - and then invested a massive amount improving their security - less of a risk than a vendor that’s never had a publicly disclosed breach?
Only once these questions have been answered – using data – can organisations place full trust in the third-party suppliers they work with. This evaluation is not a ’one and done’, and organisations should assess their vendor relationships on a regular basis to ensure suppliers remain cyber secure.
In a world where high-profile supplier breaches have pushed the topic of supplier risk management high up the boardroom priority list, re-evaluating vendor risk has never been more important.”